Tighten Pro is now available in the Mac App Store.
Simply click on the icon to the left to purchase directly from Apple.
Or choose PKCS#7Viewer.app by clicking the image to the right.

5.04.2012

Mac Developer: Developer ID and Gatekeeper - Apple Developer

You may have heard about Developer ID and Gatekeeper, new security features coming in Mountain Lion. Essentially, this is an implementation of codesigning designed to secure 3rd party applications distributed over the internet.

Using Tighten Pro, you can inspect the certificate chain of any codesigned application. Last year, on stackoverflow.com, I wrote about the differences between the codesign on your app after you sign it with Xcode vs. your app after being delivered by the Mac App Store.

To summarize, the certificate chain looks like this after you sign it with Xcode and submit it to Apple for approval:

We've already tested Tighten with self-signed certificate chains and it works correctly as long as the leaf signing certificate has been signed by an intermediate authority (3 levels). It is possible to create your own Root CA and issue your own codesigning certificates. It can be done with Apple's Certificate Assistant (Keychain Access.app), but it is tricky due to bugs in Certificate Assistant.